Top
ServerView Resource Orchestrator Cloud Edition V3.3.0 Automatic Quarantining FunctionUser's Guide
FUJITSU Software
Appendix A Customization of Definition Files > A.1 Definition File of the Quarantine Policy for Security Risks
PreviousNext

A.1 Definition File of the Quarantine Policy for Security Risks

This section explains the definition file of the quarantine policy for security risks.

Purpose

Create this definition file when you want to prevent L-Servers corresponding to any security risks for which notification is sent from one of the following servers to the Resource Orchestrator manager from being transferred to the quarantine network.
It is not necessary to restart the services of the Resource Orchestrator manager after editing this type of definition file.

[Trend Micro OfficeScan]

Format of the Definition File

Location of the Definition File

[Windows Manager]
Installation_folder\SVROR\Manager\etc\customize_data

Information

The sample definition file (avmgr.rcxprop.sample) is stored in the location above.
When using the sample as the definition file, place the file after deleting the ".sample" included in the file name.

Name of the Definition File

avmgr.rcxprop

Character Code

[Windows Manager]
UTF-8

Line Break Code

[Windows Manager]
CR/LF

Format of the Definition File

Describe the file using the following format.

avmgr.corp.action_filter_base={ALL_ENABLE|ALL_DISABLE}

When adding comments, start the line with a number sign ("#").

Definition File Items
avmgr.corp.action_filter_base

Specifies the quarantine policy for security risks for all notifications sent from one of the following servers to the Resource Orchestrator manager.

[Trend Micro OfficeScan]

  • OfficeScan 11.0 server

  • OfficeScan XG server

Specify one of the following options:

  • To transfer all L-Servers which have been included in notifications to the quarantine network

    Specify "ALL_ENABLE".

    It is possible to exclude specific security risks from being quarantined using the definition files of keywords for exclusion from the targets of quarantining.

  • To not transfer any L-Servers which have been included in notifications to the quarantine network

    Specify "ALL_DISABLE".

    It is possible to specify specific security risks to be quarantined using the definition files of keywords for the targets of quarantining.

"ALL_ENABLE" is specified in the following cases:

  • When the specification of "avmgr.corp.action_filter_base" is omitted

  • When an invalid value is specified

When "avmgr.corp.action_filter_base" is set more than once, the last specification will be valid.

Example

avmgr.corp.action_filter_base=ALL_DISABLE
PreviousNext
Copyright 2017-2018 FUJITSU LIMITED